Views: 67,320
In this video, we delve into the details of the CISSP 2024 exam changes - guiding you to navigate the exam changes with confidence!
00:00:00 Intro
00:01:09 Brief overview
00:03:02 Domain weighting changes
00:03:47 Pass Rate Talk with Lou Hablas
00:07:12 Domain weighting changes
00:08:19 CAT Exam changes
00:09:35 Detailed changes
00:10:58 Domain 1: Security & Risk Management
00:11:29 5 Pillars of Information Security
00:15:14 Sustain
00:15:22 Specific frameworks
00:15:40 Standards
00:16:27 Security control frameworks
00:17:07 ISO 27000 Family
00:18:02 Cyber Kill/Attack Chain
00:19:09 3 Major Enterprise Security Architectures
00:19:24 Merged sub-domains
00:19:32 Moved from removed sub-domain
00:19:46 Added “assess”
00:20:21 New topic
00:21:06 External Dependencies
00:22:53 Minor rewording
00:22:59 Cybersecurity Insurance
00:24:45 Minor rewording
00:24:51 Specific Frameworks
00:25:00 Risk Frameworks
00:25:46 Tampering, counterfeits
00:25:56 Risk associated with the acquisition of products and services
00:27:18 Specific Mitigations
00:27:23 Risk Mitigations
00:30:05 Minor rewording
00:30:10 Example content to review
00:30:34 Periodic content reviews
00:31:06 Domain 2: Asset Security
00:31:17 Domain 3: Security Architecture & Engineering
00:31:35 Keep it simple and small
00:32:51 Merged “Zero Trust” & “Trust but Verify”
00:35:03 Secure Access Service Edge (SASE)
00:37:19 Operational Technology
00:38:32 Types of ICS
00:38:46 Minor rewording - API
00:38:51 Quantum Key Distribution
00:39:11 Key Distribution
00:41:15 Minor rewording
00:41:25 Brand New Section!
00:41:34 Information System Lifecycle
00:43:12 Clarification from Rob
00:43:37 Information System Lifecycle
00:44:34 Domain 4: Communication and Network Security
00:44:45 Rewording
00:44:50 Anycast
00:45:00 Transmission Methods
00:46:57 IPSec, SSH, SSL/TLS
00:47:10 Converged Protocols (InfiniBand, Compute Express Link)
00:48:57 Transport Architecture
00:50:58 Network Topologies
00:53:05 Planes
00:53:41 Cut-through vs. Store-and-forward
00:54:28 Performance Metrics
00:57:08 Traffic flows
00:57:14 North-south & east-west traffic patterns
00:59:17 Physical Segmentation
01:01:21 Logical segmentation
01:02:51 Micro-segmentation
01:08:25 Edge Networks
01:10:09 Rewording
01:10:16 Software Defined Network (SDN)
01:11:00 Traditional Network
01:11:46 SDN
01:12:45 Virtual Private Cloud (VPC)
01:13:41 Monitoring & management
01:15:35 Rewording
01:15:58 Domain 5: Identity & Access Management
01:16:14 Services
01:17:03 Groups & Roles
01:18:27 AAA
01:20:01 Password-less Authentication
01:20:30 Advantages of password-less authentication
01:21:33 Challenges of password-less authentication
01:21:54 Password Vault
01:23:10 Access Policy Enforcement
01:24:07 Rewording
01:24:11 Service Accounts Management
01:24:47 Domain 6: Security Assessment & Testing
01:24:51 Rewording
01:24:58 Location
01:26:16 Red, Blue, and/or Purple Team
01:27:45 Added “benchmarks”
01:28:02 Location
01:28:09 Domain 7: Security Operations
01:28:14 Rewording
01:28:24 Tuning
01:29:41 Protecting Data at Rest & In Transit
01:30:01 Backup Storage Strategies
01:32:05 Resource Capacity Agreements
01:32:40 Domain 8: Software Development Security
01:32:50 Scaled Agile Framework
01:34:54 Interactive Application Security Testing
01:35:41 Removed cloud service models
01:36:33 The Easiest Way to Pass the CISSP exam!
Join our r/DestCert subreddit for valuable CISSP resources, training advice, support, and to connect with other CISSP professionals!